CVE-2022-1348

CVE-2022-1348

A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock. When the state file does not exist, it is created with world-readable permission, allowing an unprivileged user to lock the state file, stopping any rotation. This flaw affects logrotate versions before 3.20.0.

Source: CVE-2022-1348

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다